Posted on 11/03/2009 9:35:44 PM PST by Gomez
Now that we in the northern hemisphere have had some time to digest the Windows 7 hype and settle in for the coming winter, we thought we would get some more hard data regarding Windows 7 security.
On October 22nd, we settled in at SophosLabs and loaded a full release copy of Windows 7 on a clean machine. We configured it to follow the system defaults for User Account Control (UAC) and did not load any anti-virus software.
We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up. Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows. The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7.
User Account Control did block one sample; however, its failure to block anything else just reinforces my warning prior to the Windows 7 launch that UAC's default configuration is not effective at protecting a PC from modern malware.
Lesson learned? You still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3."
But let's not get complacent. Microsoft seems to be saying that Vista is the least ugly baby in its family. You can be sure the next report will highlight its even less ugly younger sibling, Windows 7.
Why do I say this? As of October 31st www.netmarketshare.com states that Windows Vista has a 19% market share against Windows XP's 70.5% and Windows 7's 2%. Approximately 1 in 5 Windows users is using either Vista or Windows 7. These users often have newer computers, automatic patching, and firewalls and anti-virus software in place.
With millions of hosts still infected with Conficker, ZBot and Bredo, it is obvious a lot of unprotected machines are still out there, and it is no surprise that most of those are XP.
As the chart above shows, Windows 7 users need not feel left out. They can still participate in the ZBot botnet with a side of fake anti-virus. Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up.
Whow. More proof that you are a blowhard without facts. You are exposed for what you are. You were challenged to prove that you know what you are talking about by someone who DOES know what he is talking about. You failed. Admit it. FUD!
By the way, I don't give a damn about what you think... I do care about the truth, and it is not in you.
Yes, I’ve acknowledged multiple times in this thread that Windows has more malware problems and is more vulnerable to the malware. But like I also said more isn’t equal to only. All OSes face the malware problem, and thus the statement “it seems like only one OS has this problem” is silly. Which is ALL I SAID, now get over it.
> You failed. Admit it.
Swordmaker, he won't, and you can't make him. Best to leave this one as-is, IMO. Likewise with our persistent FRiend with the difficulty regarding proportions and thresholds. ;-)
There are other threads, and better uses of time. See ya on another one!
I don’t have a difficulty regarding proportions and thresholds, they’re outside the point I was making.
*sigh*
Yeah, but we all agreed on your point that 1 does not equal 0 long ago. Knitebane, not Swordmaker and not I, said this:
The question is "Why is an operating system so easy to infect that it requires us to have this conversation [about viruses]?" Other operating systems don't seem to have this problem.Knitebane didn't say "zero" either, he said it was a non-problem, i.e. below the threshold of worry. For instance, do I worry about people trying to break into my systems with user/pass auth? No, because it's not an effective attack.
You misinterpreted "it's not a problem for other operating systems" (meaning they are robust), and thought he was saying there were no attacks. OF COURSE there are attacks against all operating systems. No one has said otherwise.
You have been beating that dead horse for dozens of comments since then, and I am about to conclude that you're not just being dense, you're trolling. Against my better judgment I have again tried to enlighten you that you're tilting at a windmill here.
We all agree, 1 attack does not equal 0 attacks. But if the '1' (or '2' or whatever) are INEFFECTIVE, they are below the threshold of concern.
*sigh*
No actually you didn’t. Over and over again you guys keep saying I said the threat is equal, here’s some quotes:
Swordmaker - Saying that having an OS with few minor attack points is the same as an OS having thousands of attacks point is what is silly.
you - Unix had one or two demonstrable worms/viruses in the past 20 years, that it was somehow equivalent to Windows,
knitebane - Attempting to say that it’s the same
See over and over you guys say I’m saying it’s the same level of problem. And yet if you actually bothered to READ what I’ve said you’d see all the way back in post 46 I said “All OSes have the problem, maybe not as bad as Windows but they still have it.”
When knitebane said it was a non-problem he was wrong. It’s a problem for all OSes. If he’d said it wasn’t AS BIG a problem he’d have been correct. Which is my point, which you guys just can’t seem to bother to acknowledge is what I actually said.
The only reason I’m beating any horse is because you guys keep lying about what I said. Had you not constantly added a concept of equivalency to what I said, a concept I DIRECTLY CONTRADICTED at the beginning of this conversation, it would already be over. But here, again, you insist I’m taking a position exactly the opposite of what I’m taking. I’m not trolling. You’re the one throwing insults, you’re the one lying about what I said, you’re the one showing all the trollish behavior. All you need to do to make this a polite conversation again is get off your high horse, stop assigning me a position I’ve never taken, and stop assuming.
> I’m not trolling.
You know what’s worse than you blatant lies about what I said? It’s your condescension. And then of course you’re complete unwillingness to admit you were wrong. Here’s my last word, the proof that you’re a liar, the proof that I never said what you said I said, and the proof that you can’t admit you’re wrong:
http://www.freerepublic.com/focus/f-chat/2378046/posts?page=46#46
All OSes have the problem, maybe not as bad as Windows but they still have it.
There are "problems" and then there are "PROBLEMS." If I can run my Mac OS X computers for eight years without having to take steps to assure their security, that is no where a problem for me and other Mac users... it doesn't even rise to the level of a "problem." It has been even possible to run a Mac without a firewall. Quite frankly, until it rises far above where the level is now, it just is not a problem. Have software engineers at Apple had to consider the potential for a problem and do something to prevent it? Yes. For them, perhaps you could call it a problem. Not for users.
For those same eight years every user of the other major platform had to take proactive protective steps that still might not have been enough to prevent the invasion of their computers. Numerous computers invaded by malware have cost billions of dollars in clean up and lost productivity. That has been a "PROBLEM."
The perception, Discostu, is that you have continually made the case that the there is a problem for all, as though the problems are equal. We have been saying that is not the case.
Look, I apologize for the condescension, but my god, man, please try to understand something:
The point is not that attacks exist. Of course they do. We all agree that they do, against all systems. Lay that one down, we agree.That's all I've been trying to say. There are NO EFFECTIVE viruses for Unix or OS-X. A properly patched Unix system is robust -- it doesn't have the problem. A properly patched Windows system is still vulnerable to tons of viruses -- it still has the problem. That's what matters, man. That was the point of the article, and the point of the thread. Try to get this, please, I'll say it again:The point is that they are INEFFECTIVE against a very robust system like Unix, yet EFFECTIVE against comparatively non-robust Windows, still after all this time and improvement.
Attacks exist, for all systems.You keep talking about attacks that don't work against Unix. WHO BLOODY CARES ABOUT THE ONES THAT DON'T WORK??? They don't work, they don't matter, they're NOT A PROBLEM. Sheesh.What matters is only whether they are effective at damaging your system. If you repel them successfully, they are not a problem for you.
And once again I quote myself:
All OSes have the problem, maybe not as bad as Windows but they still have it.
Now explain how that’s saying the problem is equal for all?
I never talked about attacks. I simply pointed out that malware exists for ALL platforms and that platforms CAN be hit. And all your lies, your condescension and now your yelling doesn’t change what I said or the simple truth that the problem of malware is universal in its presence, all that changes is the level of vulnerability. And if you think there are no effective viruses against Unix you’re an idiot.
And I replied that all that matters is whether the malware can actually DO something other than fail against proper robust defense. If it is not effective, then it's just pissing against the door, and therefore IT IS NOT A PROBLEM. Got that? NOT. A. PROBLEM.
Simple analogy: Your car's engine generates heat. If you don't get rid of the heat, the engine will break. So you properly design the engine to include a cooling system. Now, as long as you maintain the system, HEAT IS NOT A PROBLEM. I'm not saying that there's "no heat". WE AGREE THAT THE HEAT IS THERE. I'm saying that "the heat is dealt with by proper design".
Got that analogy? Car = operating system. Heat = malware. Cooling system = proper design. OK??? Unix is properly designed for robustness. Windows, even after all these years, is not. That's why a properly patched Windows system is STILL VULNERABLE while Unix is not.
> And if you think there are no effective viruses against Unix you’re an idiot
That epithet was uncalled for. It's also inaccurate.
I challenged you to name four viruses that are effective against Unix since 2000 and succeeded in infecting a few thousand systems. You failed to name even ONE virus that is effective against a properly patched Unix system.
Call me an idiot? Name the viruses that have infected a few thousand properly patched Unix systems since 2000. NOW. And don't pull the crap you did before about ancient unpatched systems or Linux. We're talking about Unix, relatively recent, properly patched.
"Maybe not as bad"??? OK, last time, I promise. If you can't understand this, no more from me.
* There is malware written for every OS.
* If the malware is effective, it is a problem for the OS.
* If the malware is not effective, it is NOT a problem for the OS.
You keep saying that "all OSes have the problem", but you are unable to name even one virus that successfully infects a few thousand properly patched relatively recent Unix systems. Do so now, please.
Swordmaker, you are my witness. ;-)
"Maybe?!"
What world are you living on, Discostu? Do you seriously intend to spread doubt that Microsoft Windows ISN'T the most infected, malware ridden OS of all of them?
This implied exaggeration from you is the very thing we are talking about in this discussion. Do you seriously maintain that the fact that malware for Windows outnumbers malware for all other OSes combined—at least a hundred times over—is controversial? Come on, Man. That's absurd. And that is why you lose this discussion.
Your attitude seems to be that a leak in the kitchen sink is the same as the sinking of the Titanic... and that people should be equally worried about both! More absurdity.
Same here.
He’s a troll.
And he can't even successfully demonstrate the leak in the kitchen.
He continues to insult us, he hasn't budged an inch in the direction of simple common sense, and yet he continues to elicit comments from us. Swordmaker, my FRiend, we have been feeding a troll. I'm flat out of troll house cookies...
I was hoping he'd enlighten me about the virus(es) he knows of, that are effective against my Unix systems. I thought he'd tell me something I could use to improve my systems' defenses. Guess not. *sigh*
Funny how the guy doing all the screaming is accusing others of being a troll.
No that epithet was called for. Because you’ve spent three days being condescending and insulting, and you stuck your foot in it saying the stupidest thing on this thread.
I don’t need to name any viruses. You know they get made, you know you need to take certain precautions like patching up and not running as root to protect yourself from them. Here’s a little something from the guys that wrote this article:
http://www.sophos.com/blogs/sophoslabs/v/post/1423
More recently our own analysis shows that nearly half the compromised web servers hosting malware are running Apache, and 70% of the infections caught on our linux honeypot are a six year old virus called Rst-B. And the most commonly infected files are trojanised versions of Unix system utilities downloaded by hackers after a successful break-in.
I want you to pay particular attention to the last sentence. Trojans utilize the one vulnerability no OS can protect itself from: stupid users. As long as stupid users exist there will always be effective viruses.
“Maybe” as in “perhaps” as in not really part of the point.
I never said it was controversial. there you go again lying about what I said. I’ve said Windows has more malware and lower security more times on this thread that you have. And yet here you go continuing to say I’m saying the opposite. Stop lying.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.